[solved]Triple fault after pageing is enabled

[dukedevon]

After enabling pageing I get a triple fault.
The pagetable looks like this:

Code: Select all

0x00000000-0x00109fff -> 0x00000000-0x00109fff

bochs issues the following assembler commands before crashing:

Code: Select all

mov cr0, eax      <<<---- After that I get the page table
leave                 <<<---- Here the triple fault happens

If I try to issue another command before the leave, it also crashes right after mov cr0, eax.
I am not really firm with pagetables, does mine look convenient?

Thanks in advance
dukedevon

[Combuster]

Is that pagingdump the same at the crashing instruction? What's the pagefault address?

[dukedevon]

Is that pagingdump the same at the crashing instruction? What's the pagefault address?

I changed my code a little. I followed http://www.osdever.net/tutorials/view/i ... sic-paging to make it easier for me to understand the whole thing.

Now the pagetable looks like this before the crash:

Code: Select all

0x00000000-0x003fffff -> 0x00000000-0x003fffff

After the crash, bochs dumps the following information:

Code: Select all

00022873145i[CPU0 ] CPU is in protected mode (active)
00022873145i[CPU0 ] CS.d_b = 32 bit
00022873145i[CPU0 ] SS.d_b = 32 bit
00022873145i[CPU0 ] EFER   = 0x00000000
00022873145i[CPU0 ] | RAX=00000000e0000011  RBX=0000000000103004
00022873145i[CPU0 ] | RCX=00000000000b0030  RDX=00000000000003d5
00022873145i[CPU0 ] | RSP=0000000001feff84  RBP=0000000001feff84
00022873145i[CPU0 ] | RSI=0000000000000000  RDI=0000000000000000
00022873145i[CPU0 ] |  R8=0000000000000000   R9=0000000000000000
00022873145i[CPU0 ] | R10=0000000000000000  R11=0000000000000000
00022873145i[CPU0 ] | R12=0000000000000000  R13=0000000000000000
00022873145i[CPU0 ] | R14=0000000000000000  R15=0000000000000000
00022873145i[CPU0 ] | IOPL=0 id vip vif ac vm RF nt of df IF tf SF zf af PF cf
00022873145i[CPU0 ] | SEG selector     base    limit G D
00022873145i[CPU0 ] | SEG sltr(index|ti|rpl)     base    limit G D
00022873145i[CPU0 ] |  CS:0008( 0001| 0|  0) 00000000 ffffffff 1 1
00022873145i[CPU0 ] |  DS:0010( 0002| 0|  0) 00000000 ffffffff 1 1
00022873145i[CPU0 ] |  SS:0010( 0002| 0|  0) 00000000 ffffffff 1 1
00022873145i[CPU0 ] |  ES:0010( 0002| 0|  0) 00000000 ffffffff 1 1
00022873145i[CPU0 ] |  FS:0010( 0002| 0|  0) 00000000 ffffffff 1 1
00022873145i[CPU0 ] |  GS:0010( 0002| 0|  0) 00000000 ffffffff 1 1
00022873145i[CPU0 ] |  MSR_FS_BASE:0000000000000000
00022873145i[CPU0 ] |  MSR_GS_BASE:0000000000000000
00022873145i[CPU0 ] | RIP=00000000001003a5 (00000000001003a5)
00022873145i[CPU0 ] | CR0=0xe0000011 CR2=0x0000000001feff80
00022873145i[CPU0 ] | CR3=0x0009c000 CR4=0x00000000
00022873145e[CPU0 ] exception(): 3rd (14) exception with no resolution, shutdown status is 00h, resetting

CR3 contains the address i assigned it to, so that looks fine.

I get 0x1feff80 as the faulting address. What do I do with that information?

Thanks in advance
dukedevon

[xenos]

Code: Select all

0x00000000-0x003fffff -> 0x00000000-0x003fffff

So you identity-map the first 4 MB. Fine.

I get 0x1feff80 as the faulting address. What do I do with that information?

This is the virtual address that causes the page fault, i.e. some instruction tried to access memory at virtual address 0x1feff80. Obviously this must fail, because you did not map anything to that address. It's far beyond your 4 MB.

[dukedevon]

This is the virtual address that causes the page fault, i.e. some instruction tried to access memory at virtual address 0x1feff80. Obviously this must fail, because you did not map anything to that address. It's far beyond your 4 MB.

I can figure that out, but I don't know how to fix this.
The command that causes the crash is the last of the following

Code: Select all

mov cr0, eax   <<<------ This one works fine
pop ebp          <<<------ This one crashes

after the mov the regs look like this:

Code: Select all

CPU0:
rax: 0x00000000:e0000011 rcx: 0x00000000:000b0030
rdx: 0x00000000:000003d5 rbx: 0x00000000:00103004
rsp: 0x00000000:01feff84 rbp: 0x00000000:01feff84
rsi: 0x00000000:00000000 rdi: 0x00000000:00000000
r8 : 0x00000000:00000000 r9 : 0x00000000:00000000
r10: 0x00000000:00000000 r11: 0x00000000:00000000
r12: 0x00000000:00000000 r13: 0x00000000:00000000
r14: 0x00000000:00000000 r15: 0x00000000:00000000
rip: 0x00000000:001003a5
eflags 0x00000286: id vip vif ac vm rf nt IOPL=0 of df IF tf SF zf af PF cf

creg:

Code: Select all

CR0=0xe0000011: PG CD NW ac wp ne ET ts em mp PE
CR2=page fault laddr=0x0000000000000000
CR3=0x0019c000
    PCD=page-level cache disable=0
    PWT=page-level write-through=0
CR4=0x00000000: osxsave pcid smx vmx osxmmexcpt osfxsr pce pge mce pae pse de tsd pvi vme
EFER=0x00000000: ffxsr nxe lma lme sce

Is my stack broken?
What can I do to fix the issue?

[gerryg400]

Is my stack broken?

Modify your code so that the instruction after mov to cr0 doesn't touch the stack. Then you will know.

[dukedevon]

Is my stack broken?

Modify your code so that the instruction after mov to cr0 doesn't touch the stack. Then you will know.

Thanks, that helped me a lot. Figured out I didn't even declare a sys_stack in my loader.s
I wonder how I got this far...
Thanks a lot, I would be totally lost without this forum!!!
Thank you for being so tolerant towards my stupid newbie questions.

[Combuster]

Are you passing -i or -r to the linker? They stop it from emitting errors for missing symbols (as well as generating a wrong binary), yet some braindead tutorials (and occasionally other members) advocate its use.